Fortanix Data Security Manager - SAML SSO Agent Configuration - RSA Ready SecurID Access Implementation Guide
Originally Published: 2022-01-27

This section describes how to integrate RSA SecurID Access with Fortanix Data Security Manager using a SAML SSO Agent.

Architecture Diagram

[Figure: architecture diagram]

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service as an SSO Agent SAML IdP to Fortanix Data Security Manager.

Procedure

1. Sign in to the RSA Cloud Administration Console and browse to Applications > Application Catalog. Click Create From Template and select SAML Direct.

2. On the Basic Information page, specify the application name and click Next Step.

3. In the Initiate SAML Workflow section:

a. Connection URL: In the Connection URL field, enter the URL https://sdkms.fortanix.com.

b. Select the SP-initiated radio button.

4. In the SAML Identity Provider (Issuer) section:

a. Identity Provider URL: This will be automatically generated.

b. Issuer Entity ID: This will be automatically generated.

c. Click Generate Cert Bundle to generate and download a zip file containing the private key and certificate. Unzip the downloaded file to extract the certificate and private key.

d. Select the first Choose File and upload the RSA SecurID Access private key.

e. Select the second Choose File and upload the RSA SecurID Access public certificate.

5. In the Service Provider section:

a. Assertion Consumer Service (ACS) URL: In the Assertion Consumer Service (ACS) URL field, enter https://sdkms.fortanix.com/saml.

b. Audience (Service Provider Entity ID): In the Audience field, enter https://sdkms.fortanix.com/saml/metadata.xml.

6. In the User Identity section, select Email Address from the Identifier Type drop-down list, select the name of your user Identity Source, and select mail as the property value.

7. Scroll to the bottom of the page and click Next Step.

8. On the User Access page, select the access policy the identity router will use to determine which users can access the Fortanix service provider. Click Next Step.

9. On the Portal Display page, configure the portal display and other settings. Click Save and Finish.

10. Click Publish Changes in the top left corner of the page, and wait for the operation to complete.

11. Navigate to Applications > My Applications, locate Fortanix in the list, and from the Edit option select Export Metadata.

Configure Fortanix Data Security Manager

Perform these steps to integrate Fortanix Data Security Manager with RSA SecurID Access as a SAML SSO Agent.

Procedure

1. Log in to your Fortanix DSM portal.

2. From the left panel, click Settings > AUTHENTICATION > SINGLE SIGN-ON.

3. Add the SAML integration, and upload the SAML metadata file exported in Step 11 of Configure RSA Cloud Authentication Service.

4. Enter your custom SSO Title and Logo URL.

5. Click ADD INTEGRATION.

6. Once you have added the configuration successfully, it appears in the list of integrations.

Configuration is complete.

For additional integrations, see the "Configuration Summary" section.